1. Field
This field is generally related to management of multiple instances of a complex system.
2. Background
In computer security, a sandbox is a security mechanism for separating running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers, untrusted users and untrusted websites.
The sandbox typically provides a tightly-controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access and the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted. In this sense, sandboxes are a specific example of virtualization.
Sandboxes offer many advantages for ensuring that a program runs in a secure manner. For example, the restrictions that a sandbox places on a program or set of programs that are undergoing testing can be invaluable. It is possible to perform a test and also be assured that a program cannot jeopardize the integrity of system resources. This assurance is possible because a test that runs in a sandbox restricts access to resources in a manner that prevents accidental or malicious use of resources that would otherwise pose a danger. For example, a sandbox can run a test in a way that prevents release of private information, or prevents accessing a resource such as memory in a way that could corrupt information stored in memory.